Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/_O0LKSVD2FWQH20B8h-W2BSyf7E.roa
File: _O0LKSVD2FWQH20B8h-W2BSyf7E.roa (raw, json)
Hash identifier: /osVaD1xwsZSvzrjM1Npx7gTyOHOWobbSsuEq9U9lZY=
Subject key identifier: FC:ED:0B:29:25:43:D8:55:90:1F:6D:01:F2:1F:96:D8:14:B2:7F:B1
Certificate issuer: /CN=d248185956e443b55b062200f964537bc10bc130
Certificate serial: 019423D72957E292C540A86B3497944AEB83
Authority key identifier: D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/_O0LKSVD2FWQH20B8h-W2BSyf7E.roa
Signing time: Wed 01 Jan 2025 21:48:10 +0000
ROA not before: Wed 01 Jan 2025 21:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207788
IP address blocks: 195.43.159.0/24 maxlen: 24
195.47.210.0/24 maxlen: 24
195.47.212.0/24 maxlen: 24
195.47.216.0/24 maxlen: 24
2a0f:b6c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:29:57:e2:92:c5:40:a8:6b:34:97:94:4a:eb:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d248185956e443b55b062200f964537bc10bc130
Validity
Not Before: Jan 1 21:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fced0b292543d855901f6d01f21f96d814b27fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:51:f5:86:67:22:cb:ad:43:30:24:de:8b:
5f:65:b5:4b:d5:11:4b:2d:cc:c6:6c:03:e2:f3:c0:
0d:ac:2d:a9:32:e6:4f:07:3d:e0:e4:f7:f7:f1:59:
05:ff:a1:52:b0:ee:4d:51:63:2e:cc:ae:41:60:68:
69:65:00:e5:86:b7:9d:0c:94:28:67:97:e1:32:cb:
b4:f5:49:9d:68:45:02:60:ec:ef:6c:22:3d:1d:13:
49:19:81:22:b0:07:f0:70:2f:23:73:5b:0e:12:e9:
34:f5:c7:40:7d:f5:d7:82:50:e8:cd:df:9b:51:50:
ce:f6:4b:01:3e:3c:16:ea:43:1e:ed:ec:c5:f4:a4:
7f:95:8a:89:f4:02:7c:93:33:52:6f:62:bb:f5:f0:
35:50:be:0f:0f:08:c8:2a:7e:35:a5:10:9d:c7:8b:
4a:64:f2:75:22:1f:02:95:af:e7:24:e3:f2:e3:27:
c3:84:b7:2a:10:39:e0:ec:78:67:87:01:39:15:87:
45:03:c4:67:b7:00:41:04:cf:b0:ec:23:2a:22:02:
47:ee:15:ea:a2:27:db:58:2a:64:bd:53:95:a1:13:
a2:64:c1:b7:31:cc:18:eb:8d:5d:41:03:d5:76:d9:
ea:f9:c4:0a:80:c9:4c:b9:47:16:28:64:af:68:1d:
90:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:ED:0B:29:25:43:D8:55:90:1F:6D:01:F2:1F:96:D8:14:B2:7F:B1
X509v3 Authority Key Identifier:
keyid:D2:48:18:59:56:E4:43:B5:5B:06:22:00:F9:64:53:7B:C1:0B:C1:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/_O0LKSVD2FWQH20B8h-W2BSyf7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/de875a-0576-4a15-be23-aea054cf43bb/1/0kgYWVbkQ7VbBiIA-WRTe8ELwTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.159.0/24
195.47.210.0/24
195.47.212.0/24
195.47.216.0/24
IPv6:
2a0f:b6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:f2:d8:3d:4c:c6:60:09:ec:e8:08:5d:40:90:b1:1b:25:92:
0f:ac:9a:24:aa:cd:6d:a4:4e:a7:f5:e7:69:e2:03:ee:da:fd:
cd:ff:01:3b:94:ba:d1:70:86:23:68:25:e0:be:f6:b3:32:7f:
38:1f:72:19:ec:6b:2b:53:f5:aa:5a:e9:36:a4:e8:83:a6:69:
d0:b8:31:5f:fa:8e:1a:6b:43:9c:41:02:98:1d:81:a6:b1:7e:
14:b5:e8:85:45:2f:ec:ad:19:24:44:7a:c8:1e:4e:1d:b2:cb:
64:62:59:ad:3a:94:8e:12:a7:53:63:4f:75:13:c7:42:1e:65:
e4:94:9b:3c:02:8d:3c:26:62:3d:44:dc:7a:28:ce:b9:53:e8:
45:ca:c3:c2:70:30:3a:6e:b6:c6:e2:f8:30:e4:fa:11:6a:a4:
0b:b7:6d:7d:76:30:51:3f:96:f9:b4:b5:5e:da:8e:fb:5d:c5:
93:00:ca:a5:33:01:fa:4d:07:25:7b:26:8c:ce:5e:9e:26:15:
09:59:3d:60:f1:8a:09:06:3e:20:4a:00:67:a0:72:40:5c:0d:
a9:3d:14:21:68:4f:29:d7:fe:ee:b8:19:96:13:24:04:de:f4:
1e:a0:ff:0e:ea:9e:3d:9e:cc:9a:04:12:6e:28:bf:6a:97:81:
a3:69:70:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj1ylX4pLFQKhrNJeUSuuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDgxODU5NTZlNDQzYjU1YjA2MjIwMGY5NjQ1MzdiYzEw
YmMxMzAwHhcNMjUwMTAxMjE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VkMGIyOTI1NDNkODU1OTAxZjZkMDFmMjFmOTZkODE0YjI3ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5FR9YZnIsutQzAk3otfZbVL1RFL
LczGbAPi88ANrC2pMuZPBz3g5Pf38VkF/6FSsO5NUWMuzK5BYGhpZQDlhredDJQo
Z5fhMsu09UmdaEUCYOzvbCI9HRNJGYEisAfwcC8jc1sOEuk09cdAffXXglDozd+b
UVDO9ksBPjwW6kMe7ezF9KR/lYqJ9AJ8kzNSb2K79fA1UL4PDwjIKn41pRCdx4tK
ZPJ1Ih8Cla/nJOPy4yfDhLcqEDng7HhnhwE5FYdFA8RntwBBBM+w7CMqIgJH7hXq
oifbWCpkvVOVoROiZMG3McwY641dQQPVdtnq+cQKgMlMuUcWKGSvaB2QgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPztCyklQ9hVkB9tAfIfltgUsn+xMB8GA1UdIwQY
MBaAFNJIGFlW5EO1WwYiAPlkU3vBC8EwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMt
YWVhMDU0Y2Y0M2JiLzEvX08wTEtTVkQyRldRSDIwQjhoLVcyQlN5ZjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZTg3NWEtMDU3Ni00YTE1LWJlMjMtYWVhMDU0Y2Y0M2Ji
LzEvMGtnWVdWYmtRN1ZiQmlJQS1XUlRlOEVMd1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwyufAwQA
wy/SAwQAwy/UAwQAwy/YMA0EAgACMAcDBQMqD7bAMA0GCSqGSIb3DQEBCwUAA4IB
AQA+8tg9TMZgCezoCF1AkLEbJZIPrJokqs1tpE6n9edp4gPu2v3N/wE7lLrRcIYj
aCXgvvazMn84H3IZ7GsrU/WqWuk2pOiDpmnQuDFf+o4aa0OcQQKYHYGmsX4UteiF
RS/srRkkRHrIHk4dsstkYlmtOpSOEqdTY091E8dCHmXklJs8Ao08JmI9RNx6KM65
U+hFysPCcDA6brbG4vgw5PoRaqQLt219djBRP5b5tLVe2o77XcWTAMqlMwH6TQcl
eyaMzl6eJhUJWT1g8YoJBj4gSgBnoHJAXA2pPRQhaE8p1/7uuBmWEyQE3vQeoP8O
6p49nsyaBBJuKL9ql4GjaXC4
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:17:39 2025 by rpki-client